14 DAY TRIAL // Three American students were restricted by a court of law from presenting the results of a study made on the possibilities to perform some easy hacks on the fare payment system of the Boston subway. The three students at the Massachusetts Institute of Technology (MIT) wanted to prove, at this year's DEFCON hacker conference, that the security system of the Massachusetts Bay Transit Authority could be easily broken into. Their study was first used for a school project that earned them all an A.
Although the three students said that they would not give hacking advice, but only prove that public institutions could work harder to reinforce their security, a complaint from the MBTA led to a restraining order issued by a judge. According to the document, the students are banned "from providing program, information, software code, or command that would assist another in any material way to circumvent or otherwise attack the security of the Fare Media System" for ten days, after which a final decision in their case will be taken.
The Electronic Frontier Foundation (EFF) has decided to take the side of the MIT undergraduates, publicly stating that what the U.S. district judge Douglas P. Woodlock did was defying law. "The court has adopted an interpretation of the statute that is blatantly unconstitutional, equating discussion in a public forum with computer intrusion. Security and the public interest benefit immensely from the free flow of ideas and information on vulnerabilities. More importantly, squelching research and scientific discussion won't stop the attackers. It will just stop the public from knowing that these systems are vulnerable and from pressuring the companies that develop and implement them to fix security holes." said EFF Civil Liberties Director Jennifer Granick.
According to a statement of the young "lecturers," they would have included several disclaimers in their presentation. These would have indicated that their study was performed for academic purposes alone and that potentially dangerous information would not be disclosed. "We're disappointed that the court is preventing us from presenting our findings even with this safeguard." said Zack Anderson, one of the three MIT students.
While EFF prepares to appeal the restraining order, the three published the presentation in MIT's student newspaper.